USN-949-1: OpenOffice.org vulnerability
8 June 2010
OpenOffice.org could be made to run programs as your login if it opened a specially crafted document and examined the included macros.
- openoffice.org - full-featured office productivity suite
Marc Schoenefeld discovered that OpenOffice.org would run document macros
from the macro browser, even when macros were disabled. If a user were
tricked into opening a specially crafted document and examining a macro,
a remote attacker could execute arbitrary code with user privileges.
The problem can be corrected by updating your system to the following package versions:
After a standard system update you need to restart OpenOffice.org to make
all the necessary changes.